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(57) Abstract: The aim of the invention is a method for managing the security of the assembly of equipment, security module 
and applications, with the aim of reducing the risks associated with the possible use of a security module with bad intentions, by 
applications executed on a type of equipment and/or a software version not entirely meeting the established security criteria. Said 
aim is achieved, by means of a method for managing the security of applications (APP), functioning in a piece of equipment (CB), 
connected to a network (NET), said network (NET) being administered by a control server (CSE) of an operator, said applications 
using resources (RES) (data or functions), stored in a security module (SIM), connected locally to said equipment (CB), comprising 
the following preliminary steps: receipt of data comprising at least the type and the version of the equipment software (CB) and 
the identity of the security module (SIM), over the network by the control server, analysis and verification by the control server 
(CSE) of said data (ID), generation of a cryptogramme (J), from the result of the verification of said data (ID), and transmission 
of said cryptogramme (J), by means of the network (NET) and the equipment (CB), to the security module(SIM). Said method is 
characterised in that the security module (SIM) analyses the cryptogramme (J) received and activates and deactivates, respectively, 
resources (RES) (data or functions), used by at least one application (APP), installed in the equipment (CB), said cryptogranune (J) 
comprising instructions changing the function of the application (APP) according to criteria established by the application provider 
and/or the operator and/or the equipment user. 



(57) Abrege : Le but de la presente invention est de proposer une methode de gestion de la security de I'ensemble equipement, 
^ module de security, applications afin de limiter les risques li^s au fait qu'un module de security soit utilise k mauvais escient par des 
applications ex6cut6es sur un Equipement de type et/ou de version de logiciel ne remplissant pas entierement les crit^res 

[Suite sur la page suivante J 



wo 2005/046278 A2 



GD GE GH, GM, HR, HU, ID, IL, IN. IS, JP, KB, KG, 

KP 'kr kz, lc. lk, lr, ls, lt, lu, lv, ma, MD, MG, 

MK MN, MW, MX, MZ, NA, MI, NO, NZ, OM, PG, PH, 
PL PT RO RU, SC, SD, SE, SG. SK, SL, SY, TJ, TM, TN, 
TR, TT, TZ, UA, UG, US, UZ, VC, VN, YU, ZA, ZM, ZW. 

(84) ttats designes (sauf indication contraire, pour tout tUre 
de protection regionale disponible) : ARIPO (BW, GH, 
GM KE, LS, MW, MZ, NA, SD. SL, SZ, TZ, UG, ZM, 
ZW) eurasien (AM. AZ, BY, KG. KZ, MD, RU, TJ, TM), 
eutop&n (AT, BE. EG. CH, CY. CZ, DE, DK. EE. ES. H, 
FR. GB. GR, HU. IE. IS. IT. LU. MC, NL. PL. PT, RO. SE. 



lilllilH 


Hiill 


lllllllllillllll 


iilillillllli 


Hill 


ii 



SI, SK, TR), OAPI (BF, B J, CF, CG, CI, CM, GA, GN. GQ. 
GW, ML, MR, NE, SN, TD, TG). 

Publiee : , . ,. , 

— sans rapport de recherche intemationale, sera republiee 

des reception de ce rapport 

En ce qui conceme les codes a deux lettres et autres abrevia- 
lions se referer aux "Notes explicatives relatives aux codes et 
abre'viations" figurant au debut de chaque numiro ordinaire de 
la Gazette du PCT. 



(CB) connects k un r^seau (NET), ledit r6seau (NET) ^-'^"V^'^^^'^'lPf .""^^^^^ 

Lpplications utilisant des res«.un:es (RES) (donnies ou fonc.ons) ^^^j^^^ ^^^^^^^^^ le .ype et la ve«ion 

^uipement (CB). oomprenant les etapes pra.rrunmres serveur de contrfile ; analyse et 

de logicie. de '-^uipe--' f fj^^ ^^^^^^^ (J) ^ partir du risultat de la 

verification par le serveur de controle (CSB) desaites J;^' ^ . , . et I'^quipement (CB), au module 
verification sur lesdites donn&s (ID), et ..ansm^ston ^^'^^^^J^'^^^^^Zi^ZTy.. le cryp^ogLme (J) re^u et active, 

de security (SIM), ladite mfithode est caract^sfe en ce que l^.*""^"'" „„e application (APP) installie dans 



